Solved

wireless router

Posted on 2007-04-09
3
338 Views
Last Modified: 2010-04-24
I want to replace the wired router in my LAN with a wireless router.  This is a LAN with Windows SBS 2003 server with one network card and all clients on a single subset.  I'm planning on just dropping the wireless router in place of the wired router and maintain the same topology.  Are there any security concerns I need to be aware of, aside from setting a strong password for wireless access?
0
Comment
Question by:mattyfatbags
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 39

Accepted Solution

by:
PUNKY earned 125 total points
ID: 18880235
Security:
Change the administrator password. All routers ship with default passwords for the management account, and these are common knowledge on the Internet. Your first step should always be to change the admin password to something unique.
Turn on encryption. No wireless encryption method is perfect, but some is better than none. Without encryption, anyone in the neighborhood can hop on your network, and you probably don't want that. If all the devices you own support WPA, use it (WPA-PSK is the type you want, if that's an option). Otherwise, use 128-bit WEP, which you might have to use if you have older networking products around your office.
Change the name of your network. Many people never change the generic network names like "belkin" and "linksys," and not only will you have trouble identifying which network is yours, you're also telling the world your network may be in a default state and vulnerable to hacking.
Now we're getting into more advanced stuff. These are changes that only the security-paranoid need to consider. More casual users can stick with just those above.

Turn off SSID broadcasting. When you scan for networks in Windows, you get a nice list of networks because they are all broadcasting their SSID, a network ID code. If you don't want your network to show up in this list, turn off SSID broadcasting. The downside: You'll have to type in the network name manually when you first connect to it.
Turn on MAC filtering. A MAC is a unique code that every piece of network hardware has. You can set your router to only accept connections from devices with MACs that you allow. Just input the MAC address for your various PCs and other devices, and anything not on the guest list will be escorted to the door. Note that if you're not comfortable with hexadecimal and the inner workings of networking, this tip may be more trouble for you than it's worth.

Improve signal: http://www.microsoft.com/athome/moredone/wirelesstips.mspx
0
 
LVL 39

Expert Comment

by:PUNKY
ID: 18880239
And I recommend to use Linksys/Cisco wireless router.
0
 
LVL 12

Expert Comment

by:David Wall
ID: 18880948
I would definitely not use wep encription it is easily broken, also hiding your ssid is not the best idea as it is easily found with netstumbler.

MAC number security can be overcome easily I believe with kismet but have never tried it.

The best defence WPA security if ypur devices dont supportthem I would definitely upgrade them so that it can be used.



0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have had so many issues with my Vodafone 3G card (Novatel Merlin u630, provided by French carrier SFR) on Windows XP laptops that I thought I would create an help page for other users (I solved the issues). First issue, with my IBM/Lenovo lapto…
I recently purchased a Bluetooth headset called the Music Jogger (model BSH10). The control buttons on it look like this: One of my goals is to use it as the microphone and speakers for Skype calls. In that respect, it works well. However, I …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question